205
"We found a vulnerability..." (lemmy.sdf.org)
submitted 1 day ago by 52fighters to c/fdroid@lemmy.ml
54 comments fedilink hide all child comments

Can I get more info on why these are showing up? I've never seen such a thing on F-Droid before.

you are viewing a single comment's thread
view the rest of the comments
[-] DishonestBirb@lemmy.world 9 points 1 day ago* (last edited 1 day ago)

Uninstalling my primary browser isn't really a practical solution, what am I supposed to use, Chrome? How about fixing the version they're shipping? Or should I be looking somewhere other than F-Droid for Android Firefox?

[-] cyberwolfie@lemmy.ml 10 points 1 day ago* (last edited 1 day ago)

I changed to the Divest-repo for Mull, and they have an updated version that has fixed these security issues.

ETA: Different signing keys though, so you can't just update it, but have to reinstall.

[-] Moah@lemmy.blahaj.zone 1 points 22 hours ago

How do you do that?

[-] cyberwolfie@lemmy.ml 2 points 21 hours ago

You add https://divestos.org/apks/official/fdroid/repo/ as a repo in F-Droid settings. After that you can choose which repo to prefer for Mull.

[-] Moah@lemmy.blahaj.zone 1 points 21 hours ago

Thank you

[-] kazaika@lemmy.world 9 points 1 day ago

Theyre the distributor, the dont fix apps and its not their job to do so. Getting the same app from a different source wont change anything

[-] Swedneck@discuss.tchncs.de 3 points 1 day ago

huh? no one's asking them to fix firefox, we're asking that they just ship the latest version.

the warning states that several vulnerabilities have been fixed since firefox version 130, f-droid's latest version of the package is 129: that very much makes it sound like the problem is wholly caused by f-droid not making version 130 available.

[-] AlpacaChariot@lemmy.world 4 points 16 hours ago

To ship it they have to work out how to build that version themselves from source though - that's their whole thing. It's not like a normal app store where they take pre-built binaries from the developer.

[-] kazaika@lemmy.world 2 points 23 hours ago

Well ok if thats the case you are completely right, as long as there isnt some kind of issue and others have already updated the package pushing security fixes asap is indeod important

[-] ace_garp@lemmy.world 2 points 22 hours ago

Iceraven is a Mozilla based standin.

Can install FFUpdater here:

https://f-droid.org/packages/de.marmaro.krt.ffupdater/

and then select it from there.

[-] victorz@lemmy.world 3 points 1 day ago

I just install Firefox from the Play Store. ๐Ÿคทโ€โ™‚๏ธ Is that bad?

[-] x00z@lemmy.world 9 points 1 day ago

Yes

[-] victorz@lemmy.world 4 points 1 day ago

Why?

[-] x00z@lemmy.world 3 points 1 day ago

Goggle bad :^)

[-] victorz@lemmy.world 3 points 1 day ago

But Firefox good..? Serious replies only please, I really am curious.

[-] usernameusername@lemm.ee 1 points 21 hours ago* (last edited 21 hours ago)

I think it's just that normal Firefox has more propietary stuff and more tracking by default

[-] victorz@lemmy.world 1 points 20 hours ago

Ah okay, so in a way it's more about Firefox than about Google. ๐Ÿ‘

this post was submitted on 25 Oct 2024
205 points (99.5% liked)

F-Droid

8035 readers
150 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 3 years ago
MODERATORS
fossdd@lemmy.ml
testman@lemmy.ml